Re: [PATCH firewalld] feat: service: add nbd (Network Block Device) service
On Thu, Aug 13, 2020 at 11:25:18AM -0500, Eric Blake wrote:
On 8/13/20 10:28 AM, Eric Garver wrote:
> On Thu, Aug 13, 2020 at 01:38:54PM +0100, Richard W.M. Jones wrote:
> > ---
> > config/Makefile.am | 1 +
> > config/services/nbd.xml | 6 ++++++
> > po/POTFILES.in | 1 +
> > 3 files changed, 8 insertions(+)
>
> Thanks! I applied and pushed this upstream:
>
> 8f562559dad8 ("feat: service: add nbd (Network Block Device)
> service")
Unrelated question - why can't firewalld automatically support an implied
service for every listing in /etc/services, in order to reduce the number of
patches needed to config/services/*.xml which end up duplicating efforts?
You can do that.
# firewall-cmd --add-port gopher/tcp
success
Internally it uses socket.getservbyname() [1].
Unfortunately listing the ports doesn't do the reverse translation, but
this could be addressed.
# firewall-cmd --list-ports
70/tcp
Services are useful if you want to open a collection of ports or the
service needs conntrack helpers.
[1]: https://docs.python.org/3/library/socket.html#socket.getservbyname